Unrated severityNVD Advisory· Published May 2, 2018· Updated Aug 5, 2024

CVE-2018-9919

Description

A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php writes data from the "down_url" URL into the "bddlj" local file if the attacker knows the backdoor "jmmy" parameter.

Affected products

Phpdocumentor/Reflection Docblockinferred
Tp Shop/Tpshopllm-create
Range: 2.0.5 - 2.0.8

Patches

Vulnerability mechanics

References

seclists.org/fulldisclosure/2018/May/11mitremailing-listx_refsource_FULLDISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000